Well, I have had this problem for about 2 days after I downloaded the program "Frostwire". I’ve run virus scans && all of that and have deleted a few of the problems, but it’s still slow and not working properly. I get error messages when the computer starts up && it tries to install some program… If anyone could help me get it back to normal I’d appreciate it!

Please read this and post the requested logs.

I should add that the people in this forum can be quite busy at times but I’m sure your post will be picked up by one of the experts in due course.

I’m trying to get the program on my computer that’s not working properly, but it will not connect to the internet.

Can you download it to another computer and transfer across (you may need to rename the program…

e.g., instead of rsit.exe rename it to myrsit.exe and then try to run.

I tried to email it and tried to download it that way on my computer, but the internet still won’t access far enough. How do I do that?

Computer slow && pop-ups, virus?

Logfile of random’s system information tool 1.05 (written by random/random)

Run by Compaq_Owner at 2009-01-15 02:36:40

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 75 GB (70%) free of 107 GB

Total RAM: 446 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:37:17 AM, on 1/15/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

c:\Program Files\Common Files\Symantec Shared\ccProxy.exe

c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\msiexec.exe

c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

c:\windows\system\hpsysdrv.exe

C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\11UJ43PN\RSIT[1].exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\trend micro\Compaq_Owner.exe

C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

C:\Program Files\Symantec\LiveUpdate\AUpdate.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY…RIO&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY…RIO&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY…RIO&pf=desktop

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [D-Link Wireless G WDA-1320] C:\Program Files\D-Link\Wireless G WDA-1320\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - https://www.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://games.bigfishgames.com/en_fee…utLauncher.cab

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

End of file - 10724 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Compaq_Owner.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2007-09-05 816400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}]

CNavExtBho Class - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-20 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-05 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2007-09-05 816400]

{C4069E3A-68F1-403E-B40E-20066696354B} - Norton AntiVirus - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll []

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-20 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ftutil2"=C:\WINDOWS\system32\ftutil2.dll [2004-06-07 106496]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-13 16239616]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-05-09 7311360]

"nwiz"=nwiz.exe /install []

"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-23 237568]

"PCDrProfiler"= []

"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-21 52840]

"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-16 249856]

"Reminder"=C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

"D-Link Wireless G WDA-1320"=C:\Program Files\D-Link\Wireless G WDA-1320\AirGCFG.exe [2005-12-14 2711552]

"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2005-11-30 49152]

"KEMailKb"=C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE [2005-09-22 401408]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"AIM"=C:\Program Files\AIM\aim.exe [2006-08-01 67112]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-05-25 68856]

"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections"

"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"

"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AIM"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2009-01-15 02:36:55 ----D---- C:\Program Files\trend micro

2009-01-15 02:36:40 ----D---- C:\rsit

2009-01-15 02:29:28 ----D---- C:\Program Files\McAfee

2009-01-15 02:24:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2009-01-15 01:43:01 ----D---- C:\Program Files\LimeWire

2009-01-15 01:42:31 ----D---- C:\Program Files\Sun

2009-01-15 01:42:08 ----D---- C:\Program Files\music_now

2009-01-15 01:42:08 ----D---- C:\Program Files\BFG

2009-01-15 01:42:07 ----D---- C:\Program Files\Google Video

2009-01-15 01:42:07 ----D---- C:\Program Files\AOD

2009-01-15 01:42:06 ----D---- C:\Program Files\Netscape

2009-01-15 01:41:07 ----D---- C:\Program Files\MSN Encarta Standard

2009-01-15 01:40:20 ----D---- C:\WINDOWS\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP

2009-01-15 01:34:37 ----A---- C:\WINDOWS\ntbtlog.txt

2009-01-14 01:21:44 ----D---- C:\Program Files\ESET

2009-01-14 01:21:44 ----D---- C:\Documents and Settings\All Users\Application Data\ESET

2009-01-14 01:18:30 ----D---- C:\Program Files\Mozilla Firefox(2)

2009-01-14 01:13:05 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee

2009-01-14 00:56:55 ----D---- C:\WINDOWS\system32\GroupPolicyManifest(2)

2009-01-13 10:43:16 ----ASH---- C:\WINDOWS\system32\275.tmp

2009-01-12 00:13:11 ----D---- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes

2009-01-12 00:12:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2009-01-12 00:12:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-01-11 22:44:18 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft

2009-01-11 21:32:50 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller

2009-01-11 20:23:29 ----D---- C:\WINDOWS\pss

2009-01-11 20:00:04 ----A---- C:\WINDOWS\IE4 Error Log.txt

2009-01-10 22:31:27 ----ASH---- C:\WINDOWS\system32\89F.tmp

2009-01-10 15:00:47 ----A---- C:\WINDOWS\system32\javaws.exe

2009-01-10 15:00:46 ----A---- C:\WINDOWS\system32\javaw.exe

2009-01-10 15:00:46 ----A---- C:\WINDOWS\system32\java.exe

2009-01-10 14:26:33 ----D---- C:\Program Files\LimeWire(2)

2009-01-09 21:17:59 ----A---- C:\WINDOWS\system32\eventlog32.dll

2009-01-09 20:13:16 ----D---- C:\Documents and Settings\Compaq_Owner\Application Data\FrostWire

2009-01-09 20:10:20 ----D---- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla

2008-12-12 15:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$

2008-12-12 15:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2008-12-12 15:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2008-12-12 15:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2008-12-02 15:08:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-12-02 15:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2008-12-01 18:17:47 ----A---- C:\WINDOWS\OEWABLog.txt

2008-12-01 18:17:45 ----D---- C:\WINDOWS\Prefetch

2008-12-01 18:11:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-12-01 18:10:44 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-12-01 18:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-12-01 18:09:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-12-01 18:09:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-12-01 18:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-12-01 18:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-12-01 18:08:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-12-01 18:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-12-01 18:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-12-01 18:08:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-12-01 18:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-12-01 18:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$

2008-12-01 18:07:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-12-01 18:07:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-12-01 18:07:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-12-01 18:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-12-01 18:06:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-12-01 17:53:51 ----A---- C:\WINDOWS\setuplog.txt

2008-12-01 17:48:11 ----D---- C:\WINDOWS\system32\scripting

2008-12-01 17:48:06 ----D---- C:\WINDOWS\l2schemas

2008-12-01 17:47:57 ----D---- C:\WINDOWS\system32\en

2008-12-01 17:47:53 ----D---- C:\WINDOWS\system32\bits

2008-12-01 17:39:36 ----D---- C:\WINDOWS\ServicePackFiles

2008-12-01 17:27:07 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2008-12-01 17:26:19 ----D---- C:\WINDOWS\EHome

2008-11-12 15:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$

2008-11-12 15:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

2008-11-07 23:54:02 ----D---- C:\Program Files\Shockwave.com

2008-11-06 23:55:05 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse

2008-10-25 23:07:36 ----D---- C:\WINDOWS\system32\Adobe

2008-10-24 14:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$

======List of files/folders modified in the last 3 months======

2009-01-15 02:37:16 ----D---- C:\WINDOWS\Temp

2009-01-15 02:36:55 ----D---- C:\Program Files

2009-01-15 02:36:47 ----D---- C:\Program Files\Common Files\Symantec Shared

2009-01-15 02:32:34 ----AD---- C:\WINDOWS

2009-01-15 02:30:54 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-01-15 02:24:40 ----HD---- C:\WINDOWS\inf

2009-01-15 02:24:28 ----RSHD---- C:\WINDOWS\system32\dllcache

2009-01-15 02:24:28 ----D---- C:\WINDOWS\system32\drivers

2009-01-15 02:24:24 ----D---- C:\WINDOWS\system32

2009-01-15 02:23:31 ----HD---- C:\WINDOWS\$hf_mig$

2009-01-15 02:22:18 ----D---- C:\WINDOWS\system32\CatRoot2

2009-01-15 01:45:01 ----D---- C:\WINDOWS\system32\config

2009-01-15 01:44:17 ----D---- C:\WINDOWS\system32\wbem

2009-01-15 01:44:16 ----D---- C:\WINDOWS\Registration

2009-01-15 01:42:49 ----SHD---- C:\WINDOWS\Installer

2009-01-15 01:42:43 ----HD---- C:\Config.Msi

2009-01-15 01:42:25 ----D---- C:\Program Files\IrfanView

2009-01-15 01:42:16 ----D---- C:\Program Files\NetMeeting

2009-01-15 01:41:32 ----D---- C:\Program Files\Norton Internet Security

2009-01-15 01:40:29 ----SHD---- C:\RECYCLER

2009-01-12 14:41:02 ----A---- C:\WINDOWS\win.ini

2009-01-12 14:41:02 ----A---- C:\WINDOWS\system.ini

2009-01-12 13:33:37 ----D---- C:\Program Files\Common Files

2009-01-11 20:44:47 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec

2009-01-11 20:43:27 ----D---- C:\Program Files\Symantec

2009-01-11 20:43:26 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL

2009-01-11 20:23:58 ----RASH---- C:\boot.ini

2009-01-11 13:19:06 ----D---- C:\WINDOWS\system32\Restore

2009-01-11 13:09:00 ----D---- C:\Documents and Settings\Compaq_Owner\Application Data\HP

2009-01-10 14:59:51 ----D---- C:\Program Files\Java

2009-01-09 20:35:28 ----A---- C:\WINDOWS\system32\MRT.exe

2008-12-18 15:01:36 ----A---- C:\WINDOWS\imsins.BAK

2008-12-18 15:01:22 ----D---- C:\WINDOWS\ie7updates

2008-12-13 01:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll

2008-12-12 15:08:01 ----D---- C:\Program Files\Internet Explorer

2008-12-02 00:28:22 ----D---- C:\WINDOWS\system32\FxsTmp

2008-12-01 18:20:35 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-12-01 18:19:49 ----D---- C:\WINDOWS\Debug

2008-12-01 18:16:44 ----D---- C:\WINDOWS\system32\Setup

2008-12-01 18:16:44 ----D---- C:\WINDOWS\AppPatch

2008-12-01 18:16:41 ----RSD---- C:\WINDOWS\Fonts

2008-12-01 18:15:55 ----D---- C:\WINDOWS\security

2008-12-01 18:11:28 ----D---- C:\WINDOWS\system32\CatRoot

2008-12-01 18:06:59 ----D---- C:\Program Files\Messenger

2008-12-01 17:50:09 ----D---- C:\WINDOWS\WinSxS

2008-12-01 17:49:16 ----D---- C:\WINDOWS\network diagnostic

2008-12-01 17:49:15 ----D---- C:\WINDOWS\ime

2008-12-01 17:49:14 ----D---- C:\WINDOWS\Help

2008-12-01 17:48:16 ----D---- C:\WINDOWS\system32\usmt

2008-12-01 17:48:16 ----D---- C:\WINDOWS\system32\en-US

2008-12-01 17:47:53 ----D---- C:\WINDOWS\PeerNet

2008-12-01 17:47:51 ----D---- C:\Program Files\Movie Maker

2008-12-01 17:39:28 ----D---- C:\WINDOWS\system32\npp

2008-12-01 17:39:26 ----D---- C:\WINDOWS\msagent

2008-12-01 17:39:23 ----D---- C:\WINDOWS\srchasst

2008-12-01 17:39:20 ----D---- C:\WINDOWS\system32\Com

2008-12-01 17:39:17 ----D---- C:\Program Files\Windows Media Player

2008-12-01 17:39:16 ----D---- C:\Program Files\Windows NT

2008-12-01 17:39:16 ----D---- C:\Program Files\Outlook Express

2008-12-01 17:39:12 ----D---- C:\Program Files\Common Files\System

2008-12-01 17:38:43 ----D---- C:\WINDOWS\system32\oobe

2008-12-01 17:38:33 ----D---- C:\WINDOWS\system

2008-12-01 17:32:17 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-11-06 23:54:57 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-26 21:09:07 ----SD---- C:\WINDOWS\Tasks

2008-10-26 02:10:20 ----D---- C:\Documents and Settings\Compaq_Owner\Application Data\Adobe

2008-10-25 23:10:12 ----D---- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia

2008-10-25 23:10:10 ----D---- C:\WINDOWS\system32\Macromed

2008-10-23 07:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll

2008-10-23 05:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe

2008-10-17 14:48:38 ----D---- C:\Program Files\Common Files\HP

2008-10-16 15:38:40 ----A---- C:\WINDOWS\system32\wininet.dll

2008-10-16 15:38:39 ----N---- C:\WINDOWS\system32\occache.dll

2008-10-16 15:38:39 ----N---- C:\WINDOWS\system32\mstime.dll

2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll

2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll

2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\url.dll

2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll

2008-10-16 15:38:38 ----N---- C:\WINDOWS\system32\msrating.dll

2008-10-16 15:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll

2008-10-16 15:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll

2008-10-16 15:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll

2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll

2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll

2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll

2008-10-16 15:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2008-10-16 15:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll

2008-10-16 15:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll

2008-10-16 15:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll

2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\icardie.dll

2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll

2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll

2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\advpack.dll

2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll

2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll

2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui

2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll

2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui

2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui

2008-10-16 08:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe

2008-10-16 08:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []

R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []

R1 SAVRTPEL;SAVRTPEL; \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS []

R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-10-01 189320]

R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]

R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []

R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB); C:\WINDOWS\system32\DRIVERS\A3AB.sys [2005-08-25 466880]

R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2005-09-22 17408]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-14 4299264]

R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070223.017\NAVENG.Sys []

R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070223.017\NavEx15.Sys []

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-05-09 3535680]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-03 34176]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-03 13056]

R3 SAVRT;SAVRT; \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS []

R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-10-01 12680]

R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []

R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-10-01 98184]

R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-10-01 31624]

R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20081213.001\symidsco.sys []

R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-10-01 28040]

R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-10-01 23944]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-25 1149888]

S3 HSX_DP;HSX_DP; C:\WINDOWS\system32\DRIVERS\HSX_DP.sys [2005-12-06 936448]

S3 HSXHWBS2;HSXHWBS2; C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys [2005-12-06 241664]

S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 winachsx;winachsx; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-06 670208]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-07-25 100032]

R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]

R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-11-21 192104]

R2 ccProxy;Symantec Network Proxy; c:\Program Files\Common Files\Symantec Shared\ccProxy.exe [2006-11-21 202344]

R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-11-21 169576]

R2 navapsvc;Norton AntiVirus Auto-Protect Service; c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe [2006-02-05 139936]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-05-09 131139]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]

R2 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2007-10-01 214408]

R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-19 1247600]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-07-25 2119360]

R3 NSCService;Norton Protection Center Service; c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE [2005-09-24 749696]

S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2005-11-30 49152]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

S3 ccISPwdSvc;Symantec Internet Security Password Validation; c:\Program Files\Norton Internet Security\ccPwdSvc.exe [2006-02-03 72328]

S3 comHost;COM Host; c:\Program Files\Norton Internet Security\comHost.exe [2006-02-07 45744]

S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-06 138168]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 SAVScan;Symantec AVScan; c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe [2005-08-26 198368]

S3 SPBBCSvc;Symantec SPBBCSvc; c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2005-11-04 1160848]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

Hi brittanybadazz,

Your log appears clean. If you are still receiving error messages, please give details of them.

I’d like to run another tool too. This tool tends to be quite aggressive, so please be sure to configure it exactly as listed below. I only want to see a Report of what it finds.

Download Dr.Web CureIt to the desktop:

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Double-click the drweb-cureit.exe file and click ‘Start’ to run the express scan. This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan. Once the short scan has finished, we need to change the default settings.
In the Menu Bar at the top, click ‘Setting’>Change Settings.
Click on the Actions tab.
Using the drop down menus, change each item under Objects and Malware to Report.
Next, ‘tick’ Complete Scan.
Click the green arrow at the right, and the scan will start.
Click ‘No to All’ if it asks if you want to cure/move the file.
After the scan has completed, in the Dr.Web CureIt menu on top, click File and choose Save Report List.
Save the report to your desktop. The report will be called DrWeb.csv.
Close Dr.Web CureIt.
Post the contents of the log from Dr.Web you saved previously in your next reply.

written by lina